FIDEL PLATFORMS, INC. – PRIVACY POLICY

Last Updated: 22 December 2025

Fidel Platforms, Inc. ("Fidel Platforms," "Company," "we," "us," or "our") is committed to maintaining strong privacy protections for users of Fidel80. This Privacy Policy ("Privacy Policy") is designed to help you understand how we collect, use, store, and safeguard information you provide to us and to assist you in making informed decisions when using our services.

For purposes of this Privacy Policy:

  • "Site" refers to the Company's website, accessible at https://fidel80.com, including any related web applications or dashboards.
  • "Service" refers to the Company's identity verification, KYC, and compliance-related services provided via the Site, including document verification, biometric verification, database verification, fraud detection, and related APIs.
  • "You" refers to you, as a user of our Site or Service, whether as an individual, representative of an organization, or an end user verified through our platform.

By accessing or using our Site or Service, you accept this Privacy Policy and our Terms of Use, and you consent to the collection, storage, use, and disclosure of your information as described herein.

I. INFORMATION WE COLLECT

We collect Non-Personal Information and Personal Information.

Non-Personal Information

Non-Personal Information includes information that cannot be used to personally identify you, such as anonymous usage data, referring/exit pages and URLs, browser and device types, operating systems, timestamps, general location data (e.g., country), and usage patterns.

Personal Information

Personal Information includes information that can be used to identify an individual. Depending on how the Service is used, this may include:

  • Full name
  • Email address
  • Phone number
  • Date of birth
  • National identification numbers (where applicable)
  • Government-issued identity document data
  • Biometric data (e.g., facial images for identity verification)
  • Address and nationality
  • Organizational account credentials
  • Verification metadata generated during KYC processes

Personal Information may be provided directly by you or by an organization using Fidel80 for identity verification purposes.

1. Information Collected via Technology

To access general information on the Site, you may not be required to submit Personal Information. However, to use the Service, including dashboards or APIs, you may be required to provide Personal Information.

We automatically collect certain information when you access or use the Service, including:

  • Referring URL
  • Browser type and version
  • Device type and operating system
  • IP address
  • Date and time of access
  • Pages viewed and actions taken within the Service

This information is collected using cookies, log files, and similar tracking technologies.

Cookies may be used to:

  • Maintain session authentication
  • Improve platform performance
  • Monitor aggregate usage patterns
  • Enhance security and fraud prevention

We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain until deleted). You may disable cookies through your browser settings, but doing so may limit certain features of the Service.

2. Information You Provide When Registering or Using the Service

To access certain features of Fidel80, organizations and authorized users must create an account by providing an email address, username, password, and other required details.

Organizations using Fidel80 may submit Personal Information of their customers or users ("Data Subjects") for identity verification purposes. In such cases, Fidel Platforms acts as a data processor or service provider, processing Personal Information strictly on behalf of the client and in accordance with applicable data protection laws and contractual obligations.

3. Children's Privacy

The Site and Service are not directed to individuals under the age of 13, and we do not knowingly collect Personal Information from children under 13.

If we become aware that we have collected Personal Information from a child under 13 without verified parental consent, we will delete such information promptly. If you believe this has occurred, please contact us at privacy@fidel80.com.

II. HOW WE USE AND SHARE INFORMATION

Personal Information

We do not sell, rent, or trade Personal Information for marketing purposes.

We may use Personal Information to:

  • Provide and operate the Service
  • Perform identity verification and compliance checks
  • Respond to inquiries and provide customer support
  • Improve system security and fraud prevention
  • Communicate service-related updates
  • Comply with legal and regulatory obligations

We may share Personal Information with:

  • Trusted service providers (e.g., cloud hosting, security, analytics) acting under strict confidentiality agreements
  • Government authorities, regulators, or law enforcement where required by law
  • Clients who submitted the data for verification purposes

We may disclose Personal Information if we believe in good faith that such disclosure is necessary to:

  • Comply with legal processes or regulatory requirements
  • Enforce our Terms of Use
  • Detect, prevent, or address fraud or security threats
  • Protect the rights, safety, or property of users, clients, or the public

Non-Personal Information

We use Non-Personal Information to:

  • Monitor and analyze usage trends
  • Improve system performance and user experience
  • Generate aggregated analytics

We may share aggregated or anonymized Non-Personal Information with partners or third parties at our discretion. This Privacy Policy places no limitations on our use of Non-Personal Information.

Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, Personal Information may be transferred as part of the transaction. Any successor entity will continue to process such information in accordance with this Privacy Policy.

III. HOW WE PROTECT INFORMATION

We implement administrative, technical, and organizational safeguards designed to protect Personal Information, including:

  • Encryption at rest and in transit
  • Secure access controls
  • Firewalls and intrusion detection systems
  • Role-based access limitations
  • Regular security audits and monitoring

While we strive to protect your information, no system is completely secure. By using the Service, you acknowledge and accept this risk.

IV. YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

Depending on applicable laws, you may have the right to:

  • Access your Personal Information
  • Request correction or deletion
  • Restrict or object to processing
  • Withdraw consent where applicable

Marketing communications may be opted out of using unsubscribe links or account settings. Service-related or administrative communications may still be sent as necessary.

Data subjects whose information is processed on behalf of Fidel80 clients should contact the relevant organization directly to exercise their rights.

V. LINKS TO OTHER WEBSITES

The Site may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage users to review their privacy policies before engaging with them.

VI. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time. Significant changes will be communicated via the Site or email and will become effective 30 days after notification. Non-material updates take effect immediately.

VII. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@fidel80.com
Company: Fidel Platforms, Inc.

FIDEL80 DATA PROCESSING ADDENDUM (DPA)

This Data Processing Addendum ("DPA") forms part of the agreement between Fidel Platforms, Inc. ("Fidel Platforms," "Processor," "we," "us") and the customer or organization using Fidel80 ("Customer," "Controller") and applies where Fidel Platforms processes Personal Data on behalf of the Customer in connection with the Fidel80 services ("Service").

This DPA is incorporated by reference into and supplements the applicable master service agreement, subscription agreement, or terms of use between the parties (the "Agreement").

1. DEFINITIONS

For purposes of this DPA:

  • "Personal Data" means any information relating to an identified or identifiable natural person as defined under applicable data protection laws.
  • "Processing" means any operation performed on Personal Data, including collection, recording, storage, use, disclosure, or deletion.
  • "Controller" means the entity that determines the purposes and means of processing Personal Data.
  • "Processor" means the entity that processes Personal Data on behalf of the Controller.
  • "Data Subject" means the individual to whom Personal Data relates.
  • "Applicable Data Protection Laws" include GDPR, UK GDPR, and applicable national data protection laws in jurisdictions where the Service is used.

2. ROLES OF THE PARTIES

  • The Customer acts as the Controller of Personal Data submitted to the Service.
  • Fidel Platforms acts as a Processor (or service provider) and processes Personal Data solely on documented instructions from the Customer.
  • In limited cases (such as account administration and billing), Fidel Platforms may act as an independent Controller.

3. SCOPE AND PURPOSE OF PROCESSING

Fidel Platforms processes Personal Data only to provide the Service, including but not limited to:

  • Identity verification and KYC checks
  • Document and biometric verification
  • Fraud detection and prevention
  • Compliance reporting and audit support
  • Technical support and system security

Processing shall not exceed what is necessary for these purposes.

4. TYPES OF PERSONAL DATA AND DATA SUBJECTS

4.1 Categories of Data Subjects

  • End users verified through Fidel80
  • Customers' clients, customers, or employees
  • Authorized representatives and administrators

4.2 Categories of Personal Data

  • Identification data (name, date of birth, nationality)
  • Government-issued ID data
  • Contact details (email, phone number)
  • Biometric data (facial images for verification purposes)
  • Verification metadata and audit logs
  • Device and technical identifiers (IP address, timestamps)

5. PROCESSING INSTRUCTIONS

Fidel Platforms shall:

  • Process Personal Data only on documented instructions from the Customer
  • Not use Personal Data for advertising, profiling, or unrelated commercial purposes
  • Promptly inform the Customer if an instruction violates applicable data protection laws

6. CONFIDENTIALITY

Fidel Platforms ensures that:

  • All personnel authorized to process Personal Data are bound by confidentiality obligations
  • Access to Personal Data is restricted on a need-to-know basis
  • Personnel receive appropriate data protection and security training

7. SECURITY MEASURES

Fidel Platforms implements appropriate technical and organizational measures to protect Personal Data, including:

  • Encryption in transit and at rest
  • Secure access controls and authentication
  • Network firewalls and monitoring
  • Segmentation of customer data
  • Regular vulnerability assessments

These measures are designed to protect against unauthorized access, loss, alteration, or disclosure.

8. SUB-PROCESSORS

8.1 Authorization

The Customer grants Fidel Platforms general authorization to engage sub-processors for hosting, security, analytics, and infrastructure services.

8.2 Obligations

Fidel Platforms ensures that:

  • Sub-processors are bound by written agreements with data protection obligations no less protective than this DPA
  • Fidel Platforms remains fully liable for the performance of its sub-processors

8.3 Changes

A list of key sub-processors may be made available upon request, and material changes may be communicated where required by law or contract.

9. DATA SUBJECT RIGHTS

Fidel Platforms shall:

  • Assist the Customer in responding to Data Subject requests (access, rectification, deletion, restriction, objection)
  • Not respond directly to Data Subjects unless legally required
  • Promptly notify the Customer of any Data Subject request received directly

10. DATA BREACH NOTIFICATION

Fidel Platforms shall:

  • Notify the Customer without undue delay after becoming aware of a Personal Data breach
  • Provide available information necessary for the Customer to comply with breach notification obligations
  • Cooperate in investigation and remediation efforts

11. DATA RETENTION AND DELETION

  • Personal Data shall be retained only for the duration specified by the Customer or as required by law
  • Upon termination of the Agreement, Fidel Platforms shall delete or return Personal Data, unless retention is legally required
  • Secure deletion methods are applied in accordance with industry standards

12. INTERNATIONAL DATA TRANSFERS

Where Personal Data is transferred outside the Customer's jurisdiction:

  • Transfers shall be conducted in accordance with Applicable Data Protection Laws
  • Appropriate safeguards (such as contractual protections) shall be applied where required

13. AUDITS AND COMPLIANCE

  • Fidel Platforms shall make available information reasonably necessary to demonstrate compliance with this DPA
  • Audits may be conducted by the Customer or an independent auditor, subject to reasonable notice and confidentiality obligations

14. LIABILITY

Liability arising from this DPA shall be governed by the limitation of liability provisions set forth in the Agreement, unless otherwise required by Applicable Data Protection Laws.

15. GOVERNING LAW

This DPA shall be governed by the governing law specified in the Agreement, unless otherwise mandated by applicable data protection regulations.

16. CONTACT

For questions related to this DPA or data protection matters, contact:

Email: privacy@fidel80.com
Company: Fidel Platforms, Inc.
Effective Date: 22 December 2025